Fail2ban scans log files and bans IP addresses that have too many password failures. It will then update the firewall rules on the server to reject said IP address for a configured amount of time. You can set up ignore IPs as well so you don't accidently get locked out of your machine. This guide will show you how to install fail2ban on a centos server - the one I installed it on was running CentOS 5.7 and cPanel 11.3x